s3:libsmb: move cli->capabilities to cli->conn.smb1.capabilities

[nivanova/samba-autobuild/.git] / source3 / libsmb / clientgen.c

diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 3fb1c7fc7f6b30297e61dae623787df0e1d89ba6..78211583d6de0d7bd1c05282e73e939f89b91631 100644 (file)
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -19,6 +19,8 @@
 */
 
 #include "includes.h"
+#include "libsmb/libsmb.h"
+#include "../lib/util/tevent_ntstatus.h"
 #include "smb_signing.h"
 #include "async_smb.h"
 
@@ -48,375 +50,13 @@ unsigned int cli_set_timeout(struct cli_state *cli, unsigned int timeout)
        return old_timeout;
 }
 
-/****************************************************************************
- Change the port number used to call on.
-****************************************************************************/
-
-void cli_set_port(struct cli_state *cli, int port)
-{
-       cli->port = port;
-}
-
 /****************************************************************************
  convenience routine to find if we negotiated ucs2
 ****************************************************************************/
 
 bool cli_ucs2(struct cli_state *cli)
 {
-       return ((cli->capabilities & CAP_UNICODE) != 0);
-}
-
-
-/****************************************************************************
- Read an smb from a fd ignoring all keepalive packets.
- The timeout is in milliseconds
-
- This is exactly the same as receive_smb except that it never returns
- a session keepalive packet (just as receive_smb used to do).
- receive_smb was changed to return keepalives as the oplock processing means this call
- should never go into a blocking read.
-****************************************************************************/
-
-static ssize_t client_receive_smb(struct cli_state *cli, size_t maxlen)
-{
-       size_t len;
-
-       for(;;) {
-               NTSTATUS status;
-
-               set_smb_read_error(&cli->smb_rw_error, SMB_READ_OK);
-
-               status = receive_smb_raw(cli->fd, cli->inbuf, cli->bufsize,
-                                       cli->timeout, maxlen, &len);
-               if (!NT_STATUS_IS_OK(status)) {
-                       DEBUG(10,("client_receive_smb failed\n"));
-                       show_msg(cli->inbuf);
-
-                       if (NT_STATUS_EQUAL(status, NT_STATUS_END_OF_FILE)) {
-                               set_smb_read_error(&cli->smb_rw_error,
-                                                  SMB_READ_EOF);
-                               return -1;
-                       }
-
-                       if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
-                               set_smb_read_error(&cli->smb_rw_error,
-                                                  SMB_READ_TIMEOUT);
-                               return -1;
-                       }
-
-                       set_smb_read_error(&cli->smb_rw_error, SMB_READ_ERROR);
-                       return -1;
-               }
-
-               /*
-                * I don't believe len can be < 0 with NT_STATUS_OK
-                * returned above, but this check doesn't hurt. JRA.
-                */
-
-               if ((ssize_t)len < 0) {
-                       return len;
-               }
-
-               /* Ignore session keepalive packets. */
-               if(CVAL(cli->inbuf,0) != SMBkeepalive) {
-                       break;
-               }
-       }
-
-       if (cli_encryption_on(cli)) {
-               NTSTATUS status = cli_decrypt_message(cli);
-               if (!NT_STATUS_IS_OK(status)) {
-                       DEBUG(0, ("SMB decryption failed on incoming packet! Error %s\n",
-                               nt_errstr(status)));
-                       cli->smb_rw_error = SMB_READ_BAD_DECRYPT;
-                       return -1;
-               }
-       }
-
-       show_msg(cli->inbuf);
-       return len;
-}
-
-static bool cli_state_set_seqnum(struct cli_state *cli, uint16_t mid, uint32_t seqnum)
-{
-       struct cli_state_seqnum *c;
-
-       for (c = cli->seqnum; c; c = c->next) {
-               if (c->mid == mid) {
-                       c->seqnum = seqnum;
-                       return true;
-               }
-       }
-
-       c = talloc_zero(cli, struct cli_state_seqnum);
-       if (!c) {
-               return false;
-       }
-
-       c->mid = mid;
-       c->seqnum = seqnum;
-       c->persistent = false;
-       DLIST_ADD_END(cli->seqnum, c, struct cli_state_seqnum *);
-
-       return true;
-}
-
-bool cli_state_seqnum_persistent(struct cli_state *cli,
-                                uint16_t mid)
-{
-       struct cli_state_seqnum *c;
-
-       for (c = cli->seqnum; c; c = c->next) {
-               if (c->mid == mid) {
-                       c->persistent = true;
-                       return true;
-               }
-       }
-
-       return false;
-}
-
-bool cli_state_seqnum_remove(struct cli_state *cli,
-                            uint16_t mid)
-{
-       struct cli_state_seqnum *c;
-
-       for (c = cli->seqnum; c; c = c->next) {
-               if (c->mid == mid) {
-                       DLIST_REMOVE(cli->seqnum, c);
-                       TALLOC_FREE(c);
-                       return true;
-               }
-       }
-
-       return false;
-}
-
-static uint32_t cli_state_get_seqnum(struct cli_state *cli, uint16_t mid)
-{
-       struct cli_state_seqnum *c;
-
-       for (c = cli->seqnum; c; c = c->next) {
-               if (c->mid == mid) {
-                       uint32_t seqnum = c->seqnum;
-                       if (!c->persistent) {
-                               DLIST_REMOVE(cli->seqnum, c);
-                               TALLOC_FREE(c);
-                       }
-                       return seqnum;
-               }
-       }
-
-       return 0;
-}
-
-/****************************************************************************
- Recv an smb.
-****************************************************************************/
-
-bool cli_receive_smb(struct cli_state *cli)
-{
-       ssize_t len;
-       uint16_t mid;
-       uint32_t seqnum;
-
-       /* fd == -1 causes segfaults -- Tom (tom@ninja.nl) */
-       if (cli->fd == -1)
-               return false; 
-
- again:
-       len = client_receive_smb(cli, 0);
-       
-       if (len > 0) {
-               /* it might be an oplock break request */
-               if (!(CVAL(cli->inbuf, smb_flg) & FLAG_REPLY) &&
-                   CVAL(cli->inbuf,smb_com) == SMBlockingX &&
-                   SVAL(cli->inbuf,smb_vwv6) == 0 &&
-                   SVAL(cli->inbuf,smb_vwv7) == 0) {
-                       if (cli->oplock_handler) {
-                               int fnum = SVAL(cli->inbuf,smb_vwv2);
-                               unsigned char level = CVAL(cli->inbuf,smb_vwv3+1);
-                               if (!NT_STATUS_IS_OK(cli->oplock_handler(cli, fnum, level))) {
-                                       return false;
-                               }
-                       }
-                       /* try to prevent loops */
-                       SCVAL(cli->inbuf,smb_com,0xFF);
-                       goto again;
-               }
-       }
-
-       /* If the server is not responding, note that now */
-       if (len < 0) {
-               char addr[INET6_ADDRSTRLEN];
-
-               print_sockaddr(addr, sizeof(addr), &cli->dest_ss);
-                DEBUG(0, ("Receiving SMB: Server %s stopped responding\n",
-                         addr));
-               close(cli->fd);
-               cli->fd = -1;
-               return false;
-       }
-
-       mid = SVAL(cli->inbuf,smb_mid);
-       seqnum = cli_state_get_seqnum(cli, mid);
-
-       if (!cli_check_sign_mac(cli, cli->inbuf, seqnum+1)) {
-               /*
-                * If we get a signature failure in sessionsetup, then
-                * the server sometimes just reflects the sent signature
-                * back to us. Detect this and allow the upper layer to
-                * retrieve the correct Windows error message.
-                */
-               if (CVAL(cli->outbuf,smb_com) == SMBsesssetupX &&
-                       (smb_len(cli->inbuf) > (smb_ss_field + 8 - 4)) &&
-                       (SVAL(cli->inbuf,smb_flg2) & FLAGS2_SMB_SECURITY_SIGNATURES) &&
-                       memcmp(&cli->outbuf[smb_ss_field],&cli->inbuf[smb_ss_field],8) == 0 &&
-                       cli_is_error(cli)) {
-
-                       /*
-                        * Reflected signature on login error. 
-                        * Set bad sig but don't close fd.
-                        */
-                       cli->smb_rw_error = SMB_READ_BAD_SIG;
-                       return true;
-               }
-
-               DEBUG(0, ("SMB Signature verification failed on incoming packet!\n"));
-               cli->smb_rw_error = SMB_READ_BAD_SIG;
-               close(cli->fd);
-               cli->fd = -1;
-               return false;
-       };
-       return true;
-}
-
-static ssize_t write_socket(int fd, const char *buf, size_t len)
-{
-        ssize_t ret=0;
-
-        DEBUG(6,("write_socket(%d,%d)\n",fd,(int)len));
-        ret = write_data(fd,buf,len);
-
-        DEBUG(6,("write_socket(%d,%d) wrote %d\n",fd,(int)len,(int)ret));
-        if(ret <= 0)
-                DEBUG(0,("write_socket: Error writing %d bytes to socket %d: ERRNO = %s\n",
-                        (int)len, fd, strerror(errno) ));
-
-        return(ret);
-}
-
-/****************************************************************************
- Send an smb to a fd.
-****************************************************************************/
-
-bool cli_send_smb(struct cli_state *cli)
-{
-       size_t len;
-       size_t nwritten=0;
-       ssize_t ret;
-       char *buf_out = cli->outbuf;
-       bool enc_on = cli_encryption_on(cli);
-       uint32_t seqnum;
-
-       /* fd == -1 causes segfaults -- Tom (tom@ninja.nl) */
-       if (cli->fd == -1)
-               return false;
-
-       cli_calculate_sign_mac(cli, cli->outbuf, &seqnum);
-
-       if (!cli_state_set_seqnum(cli, cli->mid, seqnum)) {
-               DEBUG(0,("Failed to store mid[%u]/seqnum[%u]\n",
-                       (unsigned int)cli->mid,
-                       (unsigned int)seqnum));
-               return false;
-       }
-
-       if (enc_on) {
-               NTSTATUS status = cli_encrypt_message(cli, cli->outbuf,
-                                                     &buf_out);
-               if (!NT_STATUS_IS_OK(status)) {
-                       close(cli->fd);
-                       cli->fd = -1;
-                       cli->smb_rw_error = SMB_WRITE_ERROR;
-                       DEBUG(0,("Error in encrypting client message. Error %s\n",
-                               nt_errstr(status) ));
-                       return false;
-               }
-       }
-
-       len = smb_len(buf_out) + 4;
-
-       while (nwritten < len) {
-               ret = write_socket(cli->fd,buf_out+nwritten,len - nwritten);
-               if (ret <= 0) {
-                       if (enc_on) {
-                               cli_free_enc_buffer(cli, buf_out);
-                       }
-                       close(cli->fd);
-                       cli->fd = -1;
-                       cli->smb_rw_error = SMB_WRITE_ERROR;
-                       DEBUG(0,("Error writing %d bytes to client. %d (%s)\n",
-                               (int)len,(int)ret, strerror(errno) ));
-                       return false;
-               }
-               nwritten += ret;
-       }
-
-       if (enc_on) {
-               cli_free_enc_buffer(cli, buf_out);
-       }
-
-       /* Increment the mid so we can tell between responses. */
-       cli->mid++;
-       if (!cli->mid)
-               cli->mid++;
-       return true;
-}
-
-/****************************************************************************
- Send a "direct" writeX smb to a fd.
-****************************************************************************/
-
-bool cli_send_smb_direct_writeX(struct cli_state *cli,
-                               const char *p,
-                               size_t extradata)
-{
-       /* First length to send is the offset to the data. */
-       size_t len = SVAL(cli->outbuf,smb_vwv11) + 4;
-       size_t nwritten=0;
-       struct iovec iov[2];
-
-       /* fd == -1 causes segfaults -- Tom (tom@ninja.nl) */
-       if (cli->fd == -1) {
-               return false;
-       }
-
-       if (client_is_signing_on(cli)) {
-               DEBUG(0,("cli_send_smb_large: cannot send signed packet.\n"));
-               return false;
-       }
-
-       iov[0].iov_base = (void *)cli->outbuf;
-       iov[0].iov_len = len;
-       iov[1].iov_base = CONST_DISCARD(void *, p);
-       iov[1].iov_len = extradata;
-
-       nwritten = write_data_iov(cli->fd, iov, 2);
-       if (nwritten < (len + extradata)) {
-               close(cli->fd);
-               cli->fd = -1;
-               cli->smb_rw_error = SMB_WRITE_ERROR;
-               DEBUG(0,("Error writing %d bytes to client. (%s)\n",
-                        (int)(len+extradata), strerror(errno)));
-               return false;
-       }
-
-       /* Increment the mid so we can tell between responses. */
-       cli->mid++;
-       if (!cli->mid)
-               cli->mid++;
-       return true;
+       return ((cli_state_capabilities(cli) & CAP_UNICODE) != 0);
 }
 
 /****************************************************************************
@@ -428,12 +68,12 @@ void cli_setup_packet_buf(struct cli_state *cli, char *buf)
        uint16 flags2;
        cli->rap_error = 0;
        SIVAL(buf,smb_rcls,0);
-       SSVAL(buf,smb_pid,cli->pid);
+       SSVAL(buf,smb_pid,cli->smb1.pid);
        memset(buf+smb_pidhigh, 0, 12);
-       SSVAL(buf,smb_uid,cli->vuid);
-       SSVAL(buf,smb_mid,cli->mid);
+       SSVAL(buf,smb_uid, cli_state_get_uid(cli));
+       SSVAL(buf,smb_mid, 0);
 
-       if (cli->protocol <= PROTOCOL_CORE) {
+       if (cli_state_protocol(cli) <= PROTOCOL_CORE) {
                return;
        }
 
@@ -444,31 +84,17 @@ void cli_setup_packet_buf(struct cli_state *cli, char *buf)
                SCVAL(buf,smb_flg,0x8);
        }
        flags2 = FLAGS2_LONG_PATH_COMPONENTS;
-       if (cli->capabilities & CAP_UNICODE)
+       if (cli_state_capabilities(cli) & CAP_UNICODE)
                flags2 |= FLAGS2_UNICODE_STRINGS;
-       if ((cli->capabilities & CAP_DFS) && cli->dfsroot)
+       if ((cli_state_capabilities(cli) & CAP_DFS) && cli->dfsroot)
                flags2 |= FLAGS2_DFS_PATHNAMES;
-       if (cli->capabilities & CAP_STATUS32)
+       if (cli_state_capabilities(cli) & CAP_STATUS32)
                flags2 |= FLAGS2_32_BIT_ERROR_CODES;
-       if (cli->use_spnego)
+       if (cli_state_capabilities(cli) & CAP_EXTENDED_SECURITY)
                flags2 |= FLAGS2_EXTENDED_SECURITY;
        SSVAL(buf,smb_flg2, flags2);
 }
 
-void cli_setup_packet(struct cli_state *cli)
-{
-       cli_setup_packet_buf(cli, cli->outbuf);
-}
-
-/****************************************************************************
- Setup the bcc length of the packet from a pointer to the end of the data.
-****************************************************************************/
-
-void cli_setup_bcc(struct cli_state *cli, void *p)
-{
-       set_message_bcc(cli->outbuf, PTR_DIFF(p, smb_buf(cli->outbuf)));
-}
-
 /****************************************************************************
  Initialize Domain, user or password.
 ****************************************************************************/
@@ -535,11 +161,22 @@ NTSTATUS cli_init_creds(struct cli_state *cli, const char *username, const char
  Set the signing state (used from the command line).
 ****************************************************************************/
 
-struct cli_state *cli_initialise_ex(int signing_state)
+struct cli_state *cli_state_create(TALLOC_CTX *mem_ctx,
+                                  int fd,
+                                  const char *remote_name,
+                                  const char *remote_realm,
+                                  int signing_state, int flags)
 {
        struct cli_state *cli = NULL;
-       bool allow_smb_signing = false;
-       bool mandatory_signing = false;
+       bool allow_smb_signing;
+       bool desire_smb_signing;
+       bool mandatory_signing;
+       socklen_t ss_length;
+       int ret;
+       bool use_spnego = lp_client_use_spnego();
+       bool force_dos_errors = false;
+       bool force_ascii = false;
+       bool use_level_II_oplocks = false;
 
        /* Check the effective uid - make sure we are not setuid */
        if (is_setuid_root()) {
@@ -547,7 +184,7 @@ struct cli_state *cli_initialise_ex(int signing_state)
                return NULL;
        }
 
-       cli = TALLOC_ZERO_P(NULL, struct cli_state);
+       cli = talloc_zero(mem_ctx, struct cli_state);
        if (!cli) {
                return NULL;
        }
@@ -556,100 +193,175 @@ struct cli_state *cli_initialise_ex(int signing_state)
        if (!cli->dfs_mountpoint) {
                goto error;
        }
-       cli->port = 0;
-       cli->fd = -1;
-       cli->cnum = -1;
-       cli->pid = (uint16)sys_getpid();
-       cli->mid = 1;
-       cli->vuid = UID_FIELD_INVALID;
-       cli->protocol = PROTOCOL_NT1;
+       cli->raw_status = NT_STATUS_INTERNAL_ERROR;
        cli->timeout = 20000; /* Timeout is in milliseconds. */
-       cli->bufsize = CLI_BUFFER_SIZE+4;
-       cli->max_xmit = cli->bufsize;
-       cli->outbuf = (char *)SMB_MALLOC(cli->bufsize+SAFETY_MARGIN);
-       cli->seqnum = 0;
-       cli->inbuf = (char *)SMB_MALLOC(cli->bufsize+SAFETY_MARGIN);
-       cli->oplock_handler = cli_oplock_ack;
+       cli->max_xmit = CLI_BUFFER_SIZE+4;
        cli->case_sensitive = false;
-       cli->smb_rw_error = SMB_READ_OK;
-
-       cli->use_spnego = lp_client_use_spnego();
-
-       cli->capabilities = CAP_UNICODE | CAP_STATUS32 | CAP_DFS;
 
        /* Set the CLI_FORCE_DOSERR environment variable to test
           client routines using DOS errors instead of STATUS32
           ones.  This intended only as a temporary hack. */    
-       if (getenv("CLI_FORCE_DOSERR"))
-               cli->force_dos_errors = true;
-
-       if (lp_client_signing()) {
-               allow_smb_signing = true;
+       if (getenv("CLI_FORCE_DOSERR")) {
+               force_dos_errors = true;
        }
-
-       if (lp_client_signing() == Required) {
-               mandatory_signing = true;
+       if (flags & CLI_FULL_CONNECTION_FORCE_DOS_ERRORS) {
+               force_dos_errors = true;
        }
 
-       if (signing_state != Undefined) {
-               allow_smb_signing = true;
+       if (getenv("CLI_FORCE_ASCII")) {
+               force_ascii = true;
        }
-
-       if (signing_state == false) {
-               allow_smb_signing = false;
-               mandatory_signing = false;
+       if (flags & CLI_FULL_CONNECTION_FORCE_ASCII) {
+               force_ascii = true;
        }
 
-       if (signing_state == Required) {
-               mandatory_signing = true;
+       if (flags & CLI_FULL_CONNECTION_DONT_SPNEGO) {
+               use_spnego = false;
+       } else if (flags & CLI_FULL_CONNECTION_USE_KERBEROS) {
+               cli->use_kerberos = true;
+       }
+       if ((flags & CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS) &&
+            cli->use_kerberos) {
+               cli->fallback_after_kerberos = true;
        }
 
-       if (!cli->outbuf || !cli->inbuf)
-                goto error;
+       if (flags & CLI_FULL_CONNECTION_USE_CCACHE) {
+               cli->use_ccache = true;
+       }
 
-       memset(cli->outbuf, 0, cli->bufsize);
-       memset(cli->inbuf, 0, cli->bufsize);
+       if (flags & CLI_FULL_CONNECTION_OPLOCKS) {
+               cli->use_oplocks = true;
+       }
+       if (flags & CLI_FULL_CONNECTION_LEVEL_II_OPLOCKS) {
+               use_level_II_oplocks = true;
+       }
 
+       if (signing_state == Undefined) {
+               signing_state = lp_client_signing();
+       }
 
-#if defined(DEVELOPER)
-       /* just because we over-allocate, doesn't mean it's right to use it */
-       clobber_region(FUNCTION_MACRO, __LINE__, cli->outbuf+cli->bufsize, SAFETY_MARGIN);
-       clobber_region(FUNCTION_MACRO, __LINE__, cli->inbuf+cli->bufsize, SAFETY_MARGIN);
-#endif
+       switch (signing_state) {
+       case false:
+               /* never */
+               allow_smb_signing = false;
+               desire_smb_signing = false;
+               mandatory_signing = false;
+               break;
+       case true:
+               /* if the server supports it */
+               allow_smb_signing = true;
+               desire_smb_signing = true;
+               mandatory_signing = false;
+               break;
+       default:
+       case Undefined:
+       case Auto:
+               /* if the server requires it */
+               allow_smb_signing = true;
+               desire_smb_signing = false;
+               mandatory_signing = false;
+               break;
+       case Required:
+               /* always */
+               allow_smb_signing = true;
+               desire_smb_signing = true;
+               mandatory_signing = true;
+               break;
+       }
 
        /* initialise signing */
        cli->signing_state = smb_signing_init(cli,
                                              allow_smb_signing,
+                                             desire_smb_signing,
                                              mandatory_signing);
        if (!cli->signing_state) {
                goto error;
        }
 
-       cli->outgoing = tevent_queue_create(cli, "cli_outgoing");
-       if (cli->outgoing == NULL) {
+       cli->conn.smb1.client.capabilities = 0;
+       cli->conn.smb1.client.capabilities |= CAP_LARGE_FILES;
+       cli->conn.smb1.client.capabilities |= CAP_NT_SMBS | CAP_RPC_REMOTE_APIS;
+       cli->conn.smb1.client.capabilities |= CAP_LOCK_AND_READ | CAP_NT_FIND;
+       cli->conn.smb1.client.capabilities |= CAP_DFS | CAP_W2K_SMBS;
+       cli->conn.smb1.client.capabilities |= CAP_LARGE_READX|CAP_LARGE_WRITEX;
+       cli->conn.smb1.client.capabilities |= CAP_LWIO;
+
+       if (!force_dos_errors) {
+               cli->conn.smb1.client.capabilities |= CAP_STATUS32;
+       }
+
+       if (!force_ascii) {
+               cli->conn.smb1.client.capabilities |= CAP_UNICODE;
+       }
+
+       if (use_spnego) {
+               cli->conn.smb1.client.capabilities |= CAP_EXTENDED_SECURITY;
+       }
+
+       if (use_level_II_oplocks) {
+               cli->conn.smb1.client.capabilities |= CAP_LEVEL_II_OPLOCKS;
+       }
+
+       cli->conn.smb1.capabilities = cli->conn.smb1.client.capabilities;
+
+       cli->conn.outgoing = tevent_queue_create(cli, "cli_outgoing");
+       if (cli->conn.outgoing == NULL) {
                goto error;
        }
-       cli->pending = NULL;
+       cli->conn.pending = NULL;
 
-       cli->initialised = 1;
+       cli->conn.remote_name = talloc_strdup(cli, remote_name);
+       if (cli->conn.remote_name == NULL) {
+               goto error;
+       }
 
+       if (remote_realm) {
+               cli->conn.remote_realm = talloc_strdup(cli, remote_realm);
+               if (cli->conn.remote_realm == NULL) {
+                       goto error;
+               }
+       }
+
+       cli->conn.fd = fd;
+
+       ss_length = sizeof(cli->conn.local_ss);
+       ret = getsockname(fd,
+                         (struct sockaddr *)(void *)&cli->conn.local_ss,
+                         &ss_length);
+       if (ret == -1) {
+               goto error;
+       }
+       ss_length = sizeof(cli->conn.remote_ss);
+       ret = getpeername(fd,
+                         (struct sockaddr *)(void *)&cli->conn.remote_ss,
+                         &ss_length);
+       if (ret == -1) {
+               goto error;
+       }
+
+       cli->smb1.mid = 1;
+       cli->smb1.pid = (uint16_t)sys_getpid();
+       cli->smb1.vc_num = cli->smb1.pid;
+       cli->smb1.tid = UINT16_MAX;
+       cli->smb1.uid = UID_FIELD_INVALID;
+
+       cli->initialised = 1;
        return cli;
 
         /* Clean up after malloc() error */
 
  error:
 
-        SAFE_FREE(cli->inbuf);
-        SAFE_FREE(cli->outbuf);
        TALLOC_FREE(cli);
         return NULL;
 }
 
-struct cli_state *cli_initialise(void)
+bool cli_state_encryption_on(struct cli_state *cli)
 {
-       return cli_initialise_ex(Undefined);
+       return common_encryption_on(cli->trans_enc_state);
 }
 
+
 /****************************************************************************
  Close all pipes open on this session.
 ****************************************************************************/
@@ -679,32 +391,21 @@ static void _cli_shutdown(struct cli_state *cli)
         * can remain active on the peer end, until some (long) timeout period
         * later.  This tree disconnect forces the peer to clean up, since the
         * connection will be going away.
-        *
-        * Also, do not do tree disconnect when cli->smb_rw_error is SMB_DO_NOT_DO_TDIS
-        * the only user for this so far is smbmount which passes opened connection
-        * down to kernel's smbfs module.
         */
-       if ( (cli->cnum != (uint16)-1) && (cli->smb_rw_error != SMB_DO_NOT_DO_TDIS ) ) {
+       if (cli_state_has_tcon(cli)) {
                cli_tdis(cli);
        }
         
-       SAFE_FREE(cli->outbuf);
-       SAFE_FREE(cli->inbuf);
-
        data_blob_free(&cli->secblob);
        data_blob_free(&cli->user_session_key);
 
-       if (cli->fd != -1) {
-               close(cli->fd);
-       }
-       cli->fd = -1;
-       cli->smb_rw_error = SMB_READ_OK;
+       cli_state_disconnect(cli);
 
        /*
         * Need to free pending first, they remove themselves
         */
-       while (cli->pending) {
-               talloc_free(cli->pending[0]);
+       while (cli->conn.pending) {
+               talloc_free(cli->conn.pending[0]);
        }
        TALLOC_FREE(cli);
 }
@@ -741,7 +442,37 @@ void cli_shutdown(struct cli_state *cli)
 
 void cli_sockopt(struct cli_state *cli, const char *options)
 {
-       set_socket_options(cli->fd, options);
+       set_socket_options(cli->conn.fd, options);
+}
+
+const struct sockaddr_storage *cli_state_local_sockaddr(struct cli_state *cli)
+{
+       return &cli->conn.local_ss;
+}
+
+const struct sockaddr_storage *cli_state_remote_sockaddr(struct cli_state *cli)
+{
+       return &cli->conn.remote_ss;
+}
+
+const char *cli_state_remote_name(struct cli_state *cli)
+{
+       return cli->conn.remote_name;
+}
+
+const char *cli_state_remote_realm(struct cli_state *cli)
+{
+       return cli->conn.remote_realm;
+}
+
+uint16_t cli_state_get_vc_num(struct cli_state *cli)
+{
+       return cli->smb1.vc_num;
+}
+
+uint32_t cli_state_server_session_key(struct cli_state *cli)
+{
+       return cli->sesskey;
 }
 
 /****************************************************************************
@@ -750,8 +481,46 @@ void cli_sockopt(struct cli_state *cli, const char *options)
 
 uint16 cli_setpid(struct cli_state *cli, uint16 pid)
 {
-       uint16 ret = cli->pid;
-       cli->pid = pid;
+       uint16_t ret = cli->smb1.pid;
+       cli->smb1.pid = pid;
+       return ret;
+}
+
+uint16_t cli_getpid(struct cli_state *cli)
+{
+       return cli->smb1.pid;
+}
+
+bool cli_state_has_tcon(struct cli_state *cli)
+{
+       if (cli->smb1.tid == UINT16_MAX) {
+               return false;
+       }
+
+       return true;
+}
+
+uint16_t cli_state_get_tid(struct cli_state *cli)
+{
+       return cli->smb1.tid;
+}
+
+uint16_t cli_state_set_tid(struct cli_state *cli, uint16_t tid)
+{
+       uint16_t ret = cli->smb1.tid;
+       cli->smb1.tid = tid;
+       return ret;
+}
+
+uint16_t cli_state_get_uid(struct cli_state *cli)
+{
+       return cli->smb1.uid;
+}
+
+uint16_t cli_state_set_uid(struct cli_state *cli, uint16_t uid)
+{
+       uint16_t ret = cli->smb1.uid;
+       cli->smb1.uid = uid;
        return ret;
 }
 
@@ -766,6 +535,49 @@ bool cli_set_case_sensitive(struct cli_state *cli, bool case_sensitive)
        return ret;
 }
 
+enum protocol_types cli_state_protocol(struct cli_state *cli)
+{
+       return cli->conn.protocol;
+}
+
+uint32_t cli_state_capabilities(struct cli_state *cli)
+{
+       return cli->conn.smb1.capabilities;
+}
+
+uint32_t cli_state_available_size(struct cli_state *cli, uint32_t ofs)
+{
+       uint32_t ret = cli->max_xmit;
+
+       if (ofs >= ret) {
+               return 0;
+       }
+
+       ret -= ofs;
+
+       return ret;
+}
+
+uint16_t cli_state_max_requests(struct cli_state *cli)
+{
+       return cli->max_mux;
+}
+
+uint16_t cli_state_security_mode(struct cli_state *cli)
+{
+       return cli->sec_mode;
+}
+
+int cli_state_server_time_zone(struct cli_state *cli)
+{
+       return cli->serverzone;
+}
+
+time_t cli_state_server_time(struct cli_state *cli)
+{
+       return cli->servertime;
+}
+
 struct cli_echo_state {
        uint16_t vwv[1];
        DATA_BLOB data;
@@ -892,9 +704,6 @@ NTSTATUS cli_echo(struct cli_state *cli, uint16_t num_echos, DATA_BLOB data)
        status = cli_echo_recv(req);
  fail:
        TALLOC_FREE(frame);
-       if (!NT_STATUS_IS_OK(status)) {
-               cli_set_error(cli, status);
-       }
        return status;
 }
 
@@ -954,7 +763,7 @@ NTSTATUS cli_smb(TALLOC_CTX *mem_ctx, struct cli_state *cli,
                              pnum_bytes, pbytes);
 fail:
         TALLOC_FREE(ev);
-       if (NT_STATUS_IS_OK(status)) {
+       if (NT_STATUS_IS_OK(status) && (result_parent != NULL)) {
                *result_parent = req;
        }
         return status;